Lucene search
Veracode Vulnerability DatabaseVERACODE:39977HistoryMar 29, 2023 - 6:21 a.m.
Denial Of Service (DoS)
2023-03-2906:21:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
denial of service
dos attacks
software vulnerability
tavgpoolgrad
application crash
EPSS
0.001
Percentile
36.1%
tensorflow is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause a heap-based buffer over overflow in TAvgPoolGrad, resulting in an application crash.
References
github.com/advisories/GHSA-6hg6-5c2q-7rcr
github.com/tensorflow/tensorflow/commit/d76eccc03b8c7752a4d77ee5f7f0f73ef5982ac9
github.com/tensorflow/tensorflow/commit/ddaac2bdd099bec5d7923dea45276a7558217e5b
github.com/tensorflow/tensorflow/pull/59538
github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr
Related
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow (CVE-2023-25664)
2023-06-28 20:15:26
osv
osv
CVE-2023-25664
2023-03-25 00:15:07
TensorFlow has Heap-buffer-overflow in AvgPoolGrad
2023-03-24 21:58:04
BIT-tensorflow-2023-25664
2024-03-06 11:09:06
cvelist
cvelist
CVE-2023-25664 TensorFlow vulnerable to Heap Buffer Overflow in AvgPoolGrad
2023-03-24 23:40:40
cnvd
cnvd
Google TensorFlow Buffer Overflow Vulnerability (CNVD-2023-43888)
2023-03-29 00:00:00
github
github
TensorFlow has Heap-buffer-overflow in AvgPoolGrad
2023-03-24 21:58:04
prion
prion
Heap overflow
2023-03-25 00:15:00
cve
cve
CVE-2023-25664
2023-03-25 00:15:07
nvd
nvd
CVE-2023-25664
2023-03-25 00:15:07
cbl_mariner
cbl_mariner
CVE-2023-25664 affecting package tensorflow for versions less than 2.11.1-1
2024-09-28 21:12:13
nessus
nessus
TensorFlow < 2.11.1 Multiple Vulnerabilities
2024-05-20 00:00:00
TensorFlow < 2.12.0 Multiple Vulnerabilities
2024-05-31 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00